[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-devel
Subject:    Re: (ITS#3497) Enhancement: back-sql and non-leaf operations
From:       "Kurt D. Zeilenga" <Kurt () OpenLDAP ! org>
Date:       2005-01-20 21:33:59
Message-ID: 6.2.0.14.0.20050120132017.08ad5470 () mail ! openldap ! org
[Download RAW message or body]

At 12:41 PM 1/20/2005, Pierangelo Masarati wrote:
> I don't even see a clear specification for it...  Maybe we'd just define one of our \
> own, and stick with it.

I have no problem with that... as long as we publish a protocol
specification to stick to.

> > > Subtree deletion would require to fetch all the children, check whether there's
> > > any referral among them (which would require manageDSAit for the entire
> > > operation?) and subsequent deletion.
> > > 
> > 
> > I don't see this as something requiring manageDSAit (control
> > or permission).
> > 
> > I do see it requiring permission to delete each object in
> > the subtree.
> Of course I'd treat the operation as if it were split in the corresponding \
> operations on each entry from that point of view.  If a referral is found, I'd \
> reject the whole operation if manageDSAit is not set, otherwise I'd just perform \
> it.

Reject, but with response control which contained a set of
     { referral object DN, referral URLs }
so that the client knows what to delete. 

Alternatively, return "delete continuations" (in an LDAP intermediate
response) for each deleted referral object.

I don't have a preference (yet).

-- Kurt 


[prev in list] [next in list] [prev in thread] [next in thread]